[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Accepted memcached 1.4.33-1+deb9u1 (source) into proposed-updates->stable-new, proposed-updates



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 03 Jun 2018 11:37:55 +0200
Source: memcached
Binary: memcached
Architecture: source
Version: 1.4.33-1+deb9u1
Distribution: stretch-security
Urgency: high
Maintainer: David Martínez Moreno <ender@debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Closes: 868701 894404
Description: 
 memcached  - high-performance memory object caching system
Changes:
 memcached (1.4.33-1+deb9u1) stretch-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
 .
   [ Guillaume Delacour ]
   * Fix CVE-2017-9951 by checking the integer length of commands that adds or
     replaces key/value pair (Closes: #868701)
   * Fix CVE-2018-1000115
     + debian/patches/10_CVE-2018-1000115.patch disable listening on UDP port
       by default (from Ubuntu)
     + debian/NEWS add explanation and document how to re-enable UDP if
       necessary.
 .
   [ Salvatore Bonaccorso ]
   * Don't overflow item refcount on get (CVE-2018-1000127) (Closes: #894404)
Checksums-Sha1: 
 dcf4313a69410c9c2f911e96dfe3c250480cdd1a 2203 memcached_1.4.33-1+deb9u1.dsc
 e343530c55946ccbdd78c488355b02eaf90b3b46 389813 memcached_1.4.33.orig.tar.gz
 b47209f2fe7cf3421c7c8af47fdd8b285fff25d9 15924 memcached_1.4.33-1+deb9u1.debian.tar.xz
Checksums-Sha256: 
 a739f2e38eb01c38108da37febf9958aac020ea090db83c4fc1a37e43cb25356 2203 memcached_1.4.33-1+deb9u1.dsc
 83726c8d68258c56712373072abb25a449c257398075a39ec0867fd8ba69771d 389813 memcached_1.4.33.orig.tar.gz
 9f15cacc3a2b7cbbb73aa681325e078e4de066cc65c07c4b572ab43132b67171 15924 memcached_1.4.33-1+deb9u1.debian.tar.xz
Files: 
 9e5331a297dc4771f5e45d410d26a04c 2203 web optional memcached_1.4.33-1+deb9u1.dsc
 2d7f6476283cd36e21e521d901d37a8f 389813 web optional memcached_1.4.33.orig.tar.gz
 d36d194545c3cfcd799411fa0e2ec0a9 15924 web optional memcached_1.4.33-1+deb9u1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlsTwqpfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89E9j8P/jLrczwmr72EyXHcAoK+eFS29cnOGcTd
ta2PFh0bktqfNYUR2uP8BNekQkds1S/dI/Dlo4+qrQyuyLTbEXV00NgMCOm7vh+M
8dLa4uWBZYJtnbMDQ0kwL/ExSbPKL7xKzlZ82/eRBsmTA0aIUbCgSe33azPjwSaW
cHdrqWzlyv+C5ClzatyFXHY9kqLQbszU35P2I59IcHo2mqR6x4AsKYH0iDSIc3lj
+2TKZf3HcUg4s0zpwwEs/41LyYWU1LcToyXwynHAElTEtDQl5YO6yrKkgd+ZB2We
4GAyRWkEQHBMYEO9kSQagBXbaLm/07/+89JJPTrBg1WikMVdxJV8GIcX7qRUNN2f
PVv5j8DD/NEDrDbpjEOltWp4eI1kEVjOSVjtiMomxKqVyQx33Bp6tQLGedpBovd5
Q8xgNAleAUPW350W0gwaT1JtaCDegcr8vAebalzqWbHawgWX0/FqXVommm6sTg4I
UzhaPdvZEfG4Yll0TVygSmqdXiVbz7SmJLu082STBaTF4mSJkFnCH6O9rekEtkUh
/EZDbAtfZ3Ac0hTtp+MfXQKiCpe6ZeM2h1K+xcV4oxWogpvWnHGXryq5PGxFSUoY
7P6wf2qkmgQUjqpShqYMpMKWMCKTuJt8DX5wS2pLGiEfKsD8wV8Bfq5DkoF0+nm0
LpW0wvmN0X3T
=C+iC
-----END PGP SIGNATURE-----


Reply to: